PathCheck Example

The example in this section demonstrates how to implement a custom SAF
for performing path checks. This example simply checks if the requesting host
is on a list of allowed hosts.

The Init function acf-init loads
a file containing a list of allowable IP addresses with one IP address per
line. The PathCheck function restrict_by_acf gets
the IP address of the host that is making the request and checks if it is
on the list. If the host is on the list, it is allowed access; otherwise,
access is denied.

For simplicity, the studio library is used to scan the IP addresses
from the file.

Installing the Example

To load the shared object containing your functions, add the following
line in the Init section of the magnus.conf file:

Init fn=load-modules yourlibrary funcs=acf-init,restrict-by-acf

To call the function, acf-init for reading the list
of allowable hosts, add the following line to the Init section
in magnus.conf. (This line must come after the one that
loads the library containing acf-init).

Init fn=acf-init file=fileContainingHostsList

To execute your custom SAF during the request-response process for some
object, add the following line to that object in the obj.conf file:

PathCheck fn=restrict-by-acf

Source Code

The source code for this example is in pcheck.c in
the nsapi/examples/ or plugins/nsapi/examples subdirectory
within the server root directory.